package com.it.demo.controller;

import com.it.demo.entity.Permission;
import com.it.demo.entity.SecurityUser;
import com.it.demo.entity.User;
import com.it.demo.service.AclService;
import com.it.demo.service.UserService;
import com.it.demo.util.JWTUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.Objects;

@RestController
public class LoginController {

    @Resource
    UserService userService;

    @Resource
    AclService aclService;

    @Resource
    JWTUtil jwtUtil;

    @Resource
    private AuthenticationManager authenticationManager;

    @GetMapping("/security/login")
    public String securityLogin(String username,String password){
        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username,password);
        // 使用authenticationManager调用loadUserByUsername获取数据库中的用户信息,
        Authentication authentication = authenticationManager.authenticate(authToken);
        if(authentication == null) {
            throw new RuntimeException("Login false");
        }

        //获取符合security规范的User
        SecurityUser securityUser = (SecurityUser) authentication.getPrincipal();

        String token = jwtUtil.createToken(securityUser.getUser());
        return token;
    }


    @GetMapping("/jwt/test")
    public User jwtTest(HttpServletRequest request){
        String token = request.getHeader("Token");
        User user = jwtUtil.verify(token);
        return user;
    }

    @GetMapping("/jwt/login")
    public String jwtLogin(String username,String password){
        User user = userService.getByUsername(username);
        if(Objects.nonNull(user)) {
            if (!user.getPwd().equals(password)) {
                return "密码错误！";
            }
        }
        String token = jwtUtil.createToken(user);
        return token;
    }


    @GetMapping("/acl/login")
    public String loginAcl(String username,String password){
        User user = userService.getByUsername(username);
        if(Objects.nonNull(user)){
            if(!user.getPwd().equals(password)){
                return "密码错误！";
            }
            //根据用户获取ACL权限列表
            List<Permission> permissionList = aclService.findByUserId(user.getId());
            return permissionList.toString();
        }else {
            return "用户名不存在";
        }
    }

    @GetMapping("/rbac/login")
    public String loginRbac(String username,String password){
        User user = userService.getByUsername(username);
        if(Objects.nonNull(user)){
            if(!user.getPwd().equals(password)){
                return "密码错误！";
            }
            //根据用户获取ACL权限列表
            List<Permission> permissionList = userService.findByUserRole(user.getId());
            return permissionList.toString();
        }else {
            return "用户名不存在";
        }
    }

    @GetMapping("/login")
    public String login(String username,String password){
        Subject subject = SecurityUtils.getSubject();
        //令牌
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);

        try {
            //登录认证
            subject.login(token);
            return "恭喜，登录成功！";
        }catch (UnknownAccountException e){
            return "账号不存在";
        }catch (IncorrectCredentialsException e){
            return "密码错误";
        }

    }
}
